
Today's report
Source: Security Rabbits
🐰 The Rabbit's Foot (TLDR)
🔥 Critical WinRAR Path Traversal (CVE-2025-8088) Actively Exploited: A path traversal vulnerability in the Windows version of WinRAR is being exploited in the wild to execute arbitrary code via malicious archives. Immediately update WinRAR to the latest version and educate users not to open archives from untrusted sources.
🔥 Multiple Critical Vulnerabilities Demand Immediate Patching: Several high-impact flaws are being actively exploited or are highly likely to be targeted, including CVE-2026-46817 in Oracle E-Business Suite (unauthenticated takeover), CVE-2026-8037 in Progress Kemp LoadMaster (pre-auth root RCE), and CVE-2026-48558 in SimpleHelp (used to deploy malware). Prioritize patching these systems immediately.
🔥 Critical Plugin & Enterprise Software Flaws Require Urgent Action: Unauthenticated privilege escalation in ProfileGrid WordPress Plugin (CVE-2026-12073) and pre-auth RCE in IBM Db2 (CVE-2026-10109) pose severe risks. Update ProfileGrid and apply the IBM fix for Db2 without delay.
🔥 Adobe ColdFusion Under Active Threat from Ransomware Groups: Multiple critical vulnerabilities (CVE-2026-48276 and related CV
Source: CVE Trend
🐰 Trending vulnerability
HIGH CVE‑2025‑8088
Published: 2025-08-08 Updated: 2026-06-17
🔥🔥⚪⚪⚪⚪⚪⚪⚪⚪ (19%)
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Kosinar, and Peter Strycek. ..
Source: NIST
🔥 CVE-2026-12073 ProfileGrid WordPress Plugin
Critical unauthenticated privilege escalation via account takeover. Attackers can change the email of the admin user (ID=1) and reset the password. Update the plugin immediately.
🔥 CVE-2026-10109 IBM Db2
Critical pre-auth remote code execution via improper DRDA handshake handling. This is a high-impact vulnerability in a widely-used enterprise database. Apply the IBM fix immediately.
🔥 CVE-2026-48276 Adobe ColdFusion
Multiple critical vulnerabilities (CVE-2026-48276, CVE-2026-48277, CVE-2026-48281, CVE-2026-48282, CVE-2026-48283, CVE-2026-48313, CVE-2026-48315) allow unauthenticated remote code execution and path traversal. ColdFusion is a prime target for ransomware groups. Prioritize patching.
🔥 CVE-2026-58138 Orkes Conductor
Critical unauthenticated remote code execution via inline workflow definitions. Attackers can execute arbitrary OS commands on the server. Patch to version 3.30.2 or later.
🔥 CVE-2026-56413 Storage Concentrator (SC & SCVM)
Multiple critical vulnerabilities (CVE-2026-56413, CVE-2026-56415, CVE-2026-55721, CVE-2026-50110) allow unauthenticated remote command injection, SQL injection, and contain hardcoded credentials. This is a complete system compromise. Isolate and patch immediately.
🔥 CVE-2026-56278 Flowise
Critical authentication bypass due to a weak hardcoded default session secret. An attacker can forge session cookies to impersonate any user. Change the EXPRESS_SESSION_SECRET environment variable and upgrade.
🔥 CVE-2026-58449 txtai
Critical unauthenticated remote code execution via the /reindex endpoint. An attacker can call arbitrary Python functions, including subprocess.getoutput. Ensure authentication is enabled and the API is not exposed to the internet.
🔥 CVE-2026-12243 NLTK
🔥 CVE-2026-58302 LinuxCNC
🔥 CVE-2026-11589 CVE-2026-11590 WP Support Plus Responsive Ticket System WordPress Plugin
🔥 CVE-2026-12240 Export User Data WordPress Plugin
🔥 CVE-2026-12818 CVE-2026-12819 Delta Electronics DVP12SE PLC
🔥 CVE-2026-14164 libarchive
🔥 CVE-2026-56137 RPG MAKER MV and MZ
🔥 CVE-2026-56808 DGM3103SCT (AVTECH Security)
🔥 CVE-2026-12578 Unspecified Product (Deserialization)
🔥 CVE-2025-24815 CVE-2025-7406 Nokia MantaRay NM
🔥 CVE-2026-10763 PROMOD V
🔥 CVE-2026-12076 Raytha CMS
🔥 CVE-2026-13149 brace-expansion
🔥 CVE-2026-8141 Ajax Load More - Filters WordPress Plugin
🔥 CVE-2026-9711 EventON WordPress Plugin
🔥 CVE-2026-49432 CVE-2026-49434 CVE-2026-49877 CVE-2026-50734 CVE-2026-50750 CVE-2026-53916 CVE-2026-53917 CVE-2026-54475 Apache ActiveMQ
🔥 CVE-2026-13766 DBIx::QuickORM (Perl)
🔥 CVE-2026-14161 CVE-2026-14162 Hospital Queuing Management (Advantech)
🔥 CVE-2026-41053 CVE-2026-44946 CVE-2026-44949 Rancher
🔥 CVE-2026-53690 CVE-2026-53691 Redeight CMS
🔥 CVE-2026-57080 CVE-2026-57081 Net::BitTorrent (Perl)
🔥 CVE-2026-8402 SYSGUARD 6001 (Eksagate)
🔥 CVE-2026-10816 CVE-2026-13474 CVE-2026-8451 CVE-2026-8452 CVE-2026-8655 NetScaler ADC and NetScaler Gateway
🔥 CVE-2026-58014 CVE-2026-58016 GLib
🔥 CVE-2026-58116 LLaMA-Factory
🔥 CVE-2026-6556 @fastify/express
🔥 CVE-2026-27957 Coolify
🔥 CVE-2026-48285 CVE-2026-48307 Adobe ColdFusion
🔥 CVE-2026-48286 Adobe Campaign Classic
🔥 CVE-2026-49451 OpenAPI.NET SDK
🔥 CVE-2026-58165 OpenZiti
🔥 CVE-2026-58166 OpenBMB ChatDev
🔥 CVE-2026-58168 DeepTutor
🔥 CVE-2026-58169 CVE-2026-58170 Vibe-Trading
🔥 CVE-2026-58172 Ocelot
🔥 CVE-2026-58370 Woodpecker
🔥 CVE-2026-58372 SeaweedFS
🔥 CVE-2026-58375 JimuReport
🔥 CVE-2026-58376 Dolibarr
🔥 CVE-2026-58377 JeecgBoot
🔥 CVE-2026-8864 HP Fan Control App
🔥 CVE-2026-10513 Webmention WordPress Plugin
🔥 CVE-2026-10129 CVE-2026-10134 CVE-2026-10140 CVE-2026-10546 CVE-2026-10560 CVE-2026-10564 CVE-2026-7663 CVE-2026-7803 CVE-2026-7871 CVE-2026-7873 CVE-2026-7874 IBM Langflow OSS
🔥 CVE-2026-11546 CVE-2026-11708 CVE-2026-11712 CVE-2026-11714 CVE-2026-11806 CVE-2026-11594 CVE-2026-11541 IBM WebSphere Application Server
🔥 CVE-2026-13449 IBM Business Automation Manager Open Editions
🔥 CVE-2026-13759 CVE-2026-13772 IBM WebSphere Extreme Scale
🔥 CVE-2025-36359 IBM DevOps Automation / DevOps Loop
🔥 CVE-2026-13207 FUXA
🔥 CVE-2026-44628 CVE-2026-35505 CVE-2026-50003 CVE-2026-50254 CVE-2026-52868 DCMTK / storescp / worklist server
🔥 CVE-2026-57585 MessagePack (Python)
🔥 CVE-2025-71349 CVE-2025-71350 CVE-2025-71352 CVE-2025-71355 CVE-2025-71363 CVE-2025-71368 CVE-2025-71371 CVE-2025-71374 picklescan
🔥 CVE-2026-54672 CVE-2026-54673 electron-updater
🔥 CVE-2026-56219 CVE-2026-56230 CVE-2026-56233 CVE-2026-56247 CVE-2026-56249 CVE-2026-56286 CVE-2026-56300 CVE-2026-56320 Capgo
🔥 CVE-2026-56264 Crawl4AI
🔥 CVE-2026-56700 Grav CMS
🔥 CVE-2026-57995 phpMyFAQ
Source: Ransomware.live
infinedi.net, rcfassoc.com, petradiamonds.com, owensborograin.com, orion4value.com, touredge.com, joyconstructionnyc.com, ilex-paysages.com, clc-tn.com, vcnyhome.com, wilfley.com
Hemmersbach GmbH & Co. KG, Chamco
Brooklyn Defender Services
Primed Halberstadt Medizintechnik
Source: Hybrid Analysis